<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi Holger,<br>
<br>
We have fixed the error you found. You can find the downloads <a
href="https://github.com/OpenOverlayRouter/oor/wiki/Downloads">here</a>.
Please, let me know if it works properly now.<br>
<br>
Best regards<br>
<br>
Albert<br>
<br>
<br>
On 13/09/16 17:20, Holger Zuleger wrote:<br>
</div>
<blockquote cite="mid:085358ee-5998-7319-71d4-b16f7df1fc0a@hznet.de"
type="cite">
<pre wrap="">Hi,
</pre>
<blockquote type="cite">
<pre wrap="">Regarding the issue you have found, I have not been able to reproduce
it. Could you let me know the command you use to port scan the router?
</pre>
</blockquote>
<pre wrap="">nmap -sU -p 4341,4342 <ipv4-address of openwrt router>
</pre>
<blockquote type="cite">
<pre wrap="">When the router crashes, are you able to SSH to the machine? If yes,
could you check if lisptun0 interface and routes are still there?
</pre>
</blockquote>
<pre wrap="">I have to double check this, but I think that the routes are there, and
the rules also.
Because if I restart oor I see all the rules doubled, so I guess that
they are not deleted by oor.
Thanks again
Holger
</pre>
<blockquote type="cite">
<pre wrap="">
Thanks
Albert
On 13/09/16 15:01, Holger Zuleger wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi Albert,
thanks for the feedback.
</pre>
<blockquote type="cite">
<pre wrap="">First of all sorry for the delay. We were on holidays. I will try to
answer inline.
</pre>
<blockquote type="cite">
<pre wrap="">The first problem with this config was, that the oor process didn't
startup, because the pppoe-wan interface wasn't up at the oor startup
time. I changed the startup script to wait for the pppoe-wan interface
to come up before starting oor.
</pre>
</blockquote>
<pre wrap="">Good
</pre>
</blockquote>
<pre wrap="">Just if someone needs a similar functionality:
root@OpenWrt:~# cat /etc/init.d/oor
#!/bin/sh /etc/rc.common
START=30
STOP=80
start() {
echo "Stopping previous oor process ..."
killall oor &> /dev/null
rm /var/run/oor.pid
echo "Starting Open Overlay Router ..."
i=1
until ifconfig pppoe-wan 2>&1 > /dev/null
do
echo "waiting for pppoe-wan interface up"
sleep $i
i=`expr $i + 1`
test $i -gt 5 && break
done
/usr/sbin/oor -D
}
stop() {
echo "Stopping Open Overlay Router ..."
killall oor
}
</pre>
<blockquote type="cite">
<pre wrap="">OOR routing use rule to redirect traffic to lisptun0.
For instance:
#ip -6 rule
0: from all lookup local
99: from all to 2a03:3e00:ff01:1::1/64 lookup main
100: from 2a03:3e00:ff01:1::1/64 lookup 100
32766: from all lookup main
#ip -6 route show table 100
default dev lispTun0 proto static metric 100
</pre>
</blockquote>
<pre wrap="">Yes, this is (more or less) how it looks here too.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">My guess is, that it has something to do with the (wrong) firewall
setting, wich is a bit of mystery for me.
</pre>
</blockquote>
<pre wrap="">Yes, this could be the reason. We also not have many experience with the
firewall of OpenWRT
We add this changes to the basic configuration of the firewall to make
it work:
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward '*ACCEPT*'
</pre>
</blockquote>
<pre wrap="">I guess this is the trick!
Now it works. Great!
However, now I have to play around with the firewall settings again to
protect my hosts. But this is a different story...
What's left open is the issue with the crashing oor process if I do a
port scan.
Now I even don't see the log message. The oor daemon just crashes
immediately if I send a UDP port scan to the (IPv4) wan IP address.
Of course that's a big problem...
Have anyone seen something similar running oor on an openwrt box
(probably on a ppp-interface)?
Thanks so far, best regards
Holger
</pre>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<pre wrap="">
</pre>
</blockquote>
<br>
</body>
</html>